1. Field of the Disclosure
The present disclosure relates to methods and systems of using data processing systems, and more particularly to methods, data processing systems, and data processing system readable media for use in order to authenticate parties.
2. Description of the Related Art
Identity management is perceived by managers in some industries as one of the most important technologies for ensuring the smooth operation of computer systems. It consistently ranks high on the list of “must-have” applications, especially in organizations that have significant exposure to confidential information from customers, such as financial services organizations.
The multiplicity of identities needed to access various applications and subscriptions, some of them confidential in nature, puts significant pressure on users and application developers as well as service providers. Standards bodies, such as OASIS or Liberty Alliance, attempted to address the issue with initiatives supporting standard account representations and federated identity. These approaches do a poor job of protecting the customers and business users from fraud in utilizing their access privileges or payment mechanisms. If valid access credentials are used by a non-authorized party, these standards will not identify the fraudulent nature of the transaction. Identity theft is rampant, and the existing mechanisms do not alleviate the concerns in this area. In order to deal with the consequences of identity theft, legislative initiatives have been proposed. However, legal provisions alone are insufficient to eliminate the threat. Technology will need to be developed to render difficult or impossible the task of assuming another person's identity.
The addition of a new security layer, such as Security Assertion Markup Language (herein, “SAML”), eXtensible Access Control Markup Language (herein, “XACML”), or other similar specifications, does not solve the problem of identity preservation. Hardware-based initiatives, such as Trusted Computing, help address some of the related issues when operations are performed from one authorized and enabled device, but in today's multi-device mobile world, this approach is not sufficient. The identity preservation problem will likely need to be solved at a lower level, not only during the process of communicating identity information to distributed applications, but during the entry of the identity information for authentication. In many situations, identity information cannot be confirmed to be authentic (i.e., whether an online purchaser is using his/her own identity or another's identity information that he/she is not authorized to use). Thus, identity protection at entry time when the user cannot be observed can be important.
Elements used to reduce the likelihood of identity theft have been implemented in various tools. For example, one-time credit card numbers for e-commerce are supported by major credit card issuers, and strong or multi-factor authentication is part of access control in many environments, especially in banking. Several authentication procedures are available for commercial applications. From simple user identification/password systems, to private/public key encrypted credentials and digital signatures, to additional hardware tokens (e.g., SecureID and smart cards) and even biometrics, access to systems and services is secured in multiple ways.
However, these technologies, as they are implemented in applications, are not foolproof. Moreover, these approaches are application dependent and require additional development for each implementation that adds to the cost of implementing and maintaining the system.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale.